Prevent Known Vulnerabilities from Entering Your Organization

Vulnerabilities are security flaws in IT applications that could expose endpoints to different types of cyber attacks and malicious software.

Vulnerabilities are a huge risk for many organizations, as attackers often exploit these vulnerabilities before a patch is available and applied. Security administrators need to be able to make quick decisions about what files or data should be allowed into the network but often lack the ability to detect and assess vulnerabilities. With the Metadefender Vulnerability Engine, you can:

Scan systems for known vulnerabilities at rest, without having to power them on

The Vulnerability Engine identifies known application vulnerabilities and reports them by severity level, allowing system administrators to identify vulnerabilities in files and data being brought into a secure network, and on endpoints within a network.

Anatomy of a Browser-Based Exploit

Click to view a larger version of the image

Some examples of use cases for vulnerability assessment include:

Web Proxy Threat Prevention

Portable Media Threats

Forensic Analysis

Use Case: Web Proxy Threat Prevention

For web proxies, all files can be scanned for vulnerabilities and threats before being allowed into a network. Metadefender Core integrates with web proxy servers such as Blue Coat® ProxySG and reverse proxies such as F5® BIG-IP® Load Traffic Manager™ (LTM®) to detect and prevent advanced threats on proxies.

Click diagram to expand

Use Case: Portable Media Threats

Using Metadefender Core technology, Metadefender Kiosk protects secure and air-gapped networks from portable media threats by scanning them for known vulnerabilities before they are allowed to enter the network. All files brought into the organization are logged in a secure server for further analysis if needed.

Click diagram to expand

Use Case: Forensic Analysis

Metadefender Client, powered by Metadefender Core technology, can be used to perform forensic analysis on endpoint devices while they are at rest, identifying known vulnerabilities prior to any network, web, or server connection.

Additional Features

Support for version checks and access to reported known vulnerabilities when used in conjunction with OPSWAT's OESIS technology

Vulnerability Samples

In addition to security applications, applications with many known vulnerabilities like browsers, Java, operating systems, document applications, and Adobe software are top targets for attacks. When a file is scanned by Metadefender, it can be checked for known vulnerabilities and flagged for further analysis. Check out the hash examples below from Metadefender.com to see known vulnerability samples for commonly exploited applications.

Using the Vulnerability Engine

The Vulnerability Engine is supported by the OESIS Vulnerability Assessment Module, which performs version assessment checks on endpoint devices to detect vulnerabilities. If the Vulnerability Engine has been licensed as a custom engine for Metadefender Core, it can be turned on or off in the list of available engines in the Metadefender Core Management Console (shown below).

Click image to see larger view of the Vulnerability Engine in Metadefender Core

Click image to see larger view of the Vulnerability Engine in Metadefender Core